Secure Coding mailing list archives

Re: Anyone looked at security features of D programming la nguage compared to Spark?

From: Jim & Mary Ronback <Jim_Ronback () dccnet com>
Date: Fri, 23 Apr 2004 21:52:48 +0100


Jeremy Epstein wrote:


Jim & Mary Ronback opined:
 

I am hard put to find an example of a language feature which makes a 
system more secure but less safe or vice versa, in any context. Can 
anyone else think of one?
   



Not 100%, but consider automatic garbage collection.  Tends to make a system
*more secure*, because it's associated with languages that avoid pointers with
all their evilness.  Tends to make a system less safe, because if the
garbage collection occurs at the wrong time (e.g., when you're spitting out
radiation for a medical instrument), it could cause the system to
temporarily freeze.

--Jeremy

 

It is not clear how an attacker could exploit the lack of automatic 
garbage collection to contribute to a security breach.
I  would agree with you if you replaced "*more secure*" with "*more 
reliable*".


Jim

Current thread:

RE: Anyone looked at security features of D programming language compared to Spark? Jeremy Epstein (Apr 23)
- RE: Anyone looked at security features of D programming language compared to Spark? ljknews (Apr 23)
- Re: Anyone looked at security features of D programming la nguage compared to Spark? Jim & Mary Ronback (Apr 23)